<?php
session_start();
include("load-settings.php");

if(!isset($_SESSION['user']))
	header("Location: login.php");

$user = mysql_real_escape_string($_SESSION['user']);
$result = mysql_query("SELECT * FROM user WHERE id = $user");
$row = mysql_fetch_array($result);

if($row['type'] != 2)
	header("Location: home.php");

$username = mysql_real_escape_string($_POST['username']);
$paypal = mysql_real_escape_string($_POST['paypal']);
$level = mysql_real_escape_string($_POST['level']);
$password = mysql_real_escape_string($_POST['password']);
$hashed_password = crypt($password);

$result = mysql_query("SELECT * FROM user WHERE username = '$username' OR paypal = '$paypal'");

if(mysql_num_rows($result) != 0)
	header("Location: edit-booster.php");

mysql_query("INSERT INTO user (username, paypal, level, password, type) VALUES ('$username', '$paypal', '$level', '$hashed_password', 1)");

/*$to = $paypal;
$subject = "EloEdge application received.";
$message = str_replace("[password]", $pass, $booster_signup_email);
$message = str_replace("\n", "\r\n", $booster_signup_email);

$headers = 'From: webmaster@example.com' . "\r\n" .
'Reply-To: webmaster@example.com' . "\r\n" .
'X-Mailer: PHP/' . phpversion();

mail($to, $subject, $message, $headers);*/

header("Location: edit-booster.php");

?>